﻿using System;
using System.Linq;
using System.Web.Security;
using System.Web.UI;

namespace XYZ_Inventory
{
    public partial class Default : Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack & User.Identity.IsAuthenticated)
            {
                Response.Redirect("~/ProductManagement.aspx");
            }
        }

        protected void Button1_OnClick(object sender, EventArgs e)
        {
            string username = tbUsername.Text.Trim().ToLower();
            string password = tbPassword.Text;
            XYZDBContext db = new XYZDBContext();
            UserCredentials userCredentials =
                db.UserCredentials.SingleOrDefault(x => x.Username == username && x.Password == password);

            if (userCredentials == null)
            {
                lblMessage.Text = "Invalid username and/or password is incorrect!";
            }
            else if (userCredentials.Status)
            {
                FormsAuthentication.SetAuthCookie(username, false);
                Response.Redirect("~/ProductManagement.aspx");
            }
            else
            {
                lblMessage.Text = "Sorry, the user was banned!";
            }
        }
    }
}